diff --git a/app/controllers/reports_controller.rb b/app/controllers/reports_controller.rb index e3fdb95d8..a888207f9 100644 --- a/app/controllers/reports_controller.rb +++ b/app/controllers/reports_controller.rb @@ -24,6 +24,13 @@ class ReportsController < ApplicationController @upload_reports = Reports::UploadTags.includes(versions: { post: :versions }).for_user(params[:user_id]).order("id desc").paginate(params[:page], :limit => params[:limit]) end + def flag_targeting + end + + def flag_targeting_create(user_id) + + end + def down_voting_post end diff --git a/app/logical/danbooru_math.rb b/app/logical/danbooru_math.rb new file mode 100644 index 000000000..acf69b767 --- /dev/null +++ b/app/logical/danbooru_math.rb @@ -0,0 +1,11 @@ +class DanbooruMath + def self.ci_lower_bound(pos, n, confidence = 0.95) + if n == 0 + return 0 + end + + z = Statistics2.pnormaldist(1-(1-confidence)/2) + phat = 1.0*pos/n + 100 * (phat + z*z/(2*n) - z * Math.sqrt((phat*(1-phat)+z*z/(4*n))/n))/(1+z*z/n) + end +end diff --git a/app/logical/reports/post_flags.rb b/app/logical/reports/post_flags.rb new file mode 100644 index 000000000..2e494e81a --- /dev/null +++ b/app/logical/reports/post_flags.rb @@ -0,0 +1,62 @@ +module Reports + class PostFlags + attr_reader :user_id, :date_range + + def initialize(user_id:, date_range:) + @user_id = user_id + @date_range = date_range + end + + def candidates + PostFlag.where("posts.uploader_id = ? and posts.created_at >= ? and post_flags.creator_id <> ?", user_id, date_range, User.system.id).joins(:post).pluck("post_flags.creator_id").uniq + end + + def build_message(user_id, data) + user_name = User.id_to_name(user_id) + + if data.empty? + return "There don't appear to be any users targeting #{user_name} for flags." + else + msg = "The following users may be targeting #{user_name} for flags. Over half of their flags are targeting the user, with 95\% confidence.\n\n" + + data.each do |flagger_id, targets| + targets.each do |uploader_id, score| + if uploader_id == user_id && score > 50 + msg += "* " + User.id_to_name(flagger_id) + end + end + end + end + end + + def attackers + matches = [] + + build.each do |flagger, uploaders| + if uploaders[user_id].to_i > 50 + matches << flagger + end + end + + return matches + end + + def build + flaggers = Hash.new {|h, k| h[k] = {}} + + candidates.each do |candidate| + PostFlag.joins(:post).where("post_flags.creator_id = ? and posts.created_at >= ?", candidate, date_range).select("posts.uploader_id").group("posts.uploader_id").having("count(*) > 1").count.each do |uploader_id, count| + flaggers[candidate][uploader_id] = count + end + + sum = flaggers[candidate].values.sum + + flaggers[candidate].each_key do |user_id| + flaggers[candidate][user_id] = DanbooruMath.ci_lower_bound(flaggers[candidate][user_id], sum) + end + end + + return flaggers + end + end +end diff --git a/app/models/post_flag.rb b/app/models/post_flag.rb index 644b3b6a1..a53d492e7 100644 --- a/app/models/post_flag.rb +++ b/app/models/post_flag.rb @@ -8,13 +8,13 @@ class PostFlag < ApplicationRecord end COOLDOWN_PERIOD = 3.days + CREATION_THRESHOLD = 10 # in 30 days - belongs_to :creator, :class_name => "User" + belongs_to_creator :class_name => "User" belongs_to :post - validates_presence_of :reason, :creator_id, :creator_ip_addr - validate :validate_creator_is_not_limited + validates_presence_of :reason + validate :validate_creator_is_not_limited, on: :create validate :validate_post - before_validation :initialize_creator, :on => :create validates_uniqueness_of :creator_id, :scope => :post_id, :on => :create, :unless => :is_deletion, :message => "have already flagged this post" before_save :update_post attr_accessor :is_deletion @@ -156,6 +156,14 @@ class PostFlag < ApplicationRecord def validate_creator_is_not_limited return if is_deletion + if PostFlag.for_creator(creator_id).where("created_at > ?", 30.days.ago).count >= CREATION_THRESHOLD + report = Reports::PostFlags.new(user_id: post.uploader_id, date_range: 90.days.ago) + + if report.attackers.include?(creator_id) + errors[:creator] << "cannot flag posts uploaded by this user" + end + end + if CurrentUser.can_approve_posts? # do nothing elsif creator.created_at > 1.week.ago @@ -178,11 +186,6 @@ class PostFlag < ApplicationRecord errors[:post] << "is deleted" if post.is_deleted? end - def initialize_creator - self.creator_id ||= CurrentUser.id - self.creator_ip_addr = CurrentUser.ip_addr if creator_ip_addr == "127.0.0.1" || creator_ip_addr.blank? - end - def resolve! update_column(:is_resolved, true) end diff --git a/test/unit/post_flag_test.rb b/test/unit/post_flag_test.rb index a968d2639..c5e6d763f 100644 --- a/test/unit/post_flag_test.rb +++ b/test/unit/post_flag_test.rb @@ -3,116 +3,168 @@ require 'test_helper' class PostFlagTest < ActiveSupport::TestCase context "In all cases" do setup do - Timecop.travel(2.weeks.ago) do - @alice = FactoryBot.create(:gold_user) + travel_to(2.weeks.ago) do + @alice = create(:gold_user) + end + as(@alice) do + @post = create(:post, tag_string: "aaa", uploader: @alice) end - CurrentUser.user = @alice - CurrentUser.ip_addr = "127.0.0.2" - @post = FactoryBot.create(:post, :tag_string => "aaa") - end - - teardown do - CurrentUser.user = nil - CurrentUser.ip_addr = nil end context "a basic user" do setup do - Timecop.travel(2.weeks.ago) do - @bob = FactoryBot.create(:user) + travel_to(2.weeks.ago) do + @bob = create(:user) end - CurrentUser.user = @bob end should "not be able to flag more than 1 post in 24 hours" do - @post_flag = PostFlag.new(:post => @post, :reason => "aaa", :is_resolved => false) + @post_flag = PostFlag.new(post: @post, reason: "aaa", is_resolved: false) @post_flag.expects(:flag_count_for_creator).returns(1) assert_difference("PostFlag.count", 0) do - @post_flag.save + as(@bob) { @post_flag.save } end assert_equal(["You can flag 1 post a day"], @post_flag.errors.full_messages) end end context "a gold user" do + setup do + travel_to(2.weeks.ago) do + @bob = create(:gold_user) + end + end + should "not be able to flag a post more than twice" do - assert_difference("PostFlag.count", 1) do - @post_flag = PostFlag.create(:post => @post, :reason => "aaa", :is_resolved => false) + assert_difference(-> { PostFlag.count }, 1) do + as(@bob) do + @post_flag = PostFlag.create(post: @post, reason: "aaa", is_resolved: false) + end end - assert_difference("PostFlag.count", 0) do - @post_flag = PostFlag.create(:post => @post, :reason => "aaa", :is_resolved => false) + assert_difference(-> { PostFlag.count }, 0) do + as(@bob) do + @post_flag = PostFlag.create(post: @post, reason: "aaa", is_resolved: false) + end end assert_equal(["have already flagged this post"], @post_flag.errors[:creator_id]) end + should "not be able to target a single uploader" do + travel_to(2.weeks.ago) do + as(@alice) do + @posts = FactoryBot.create_list(:post, 10, uploader: @alice) + end + end + + as(@bob) do + travel_to(1.week.ago) do + @flags = @posts.map {|x| PostFlag.create(reason: "bad #{x.id}", post: x)} + end + + @bad_flag = PostFlag.create(post: @post, reason: "bad #{@post.id}") + end + + assert_equal(["You cannot flag posts uploaded by this user"], @bad_flag.errors.full_messages) + end + should "not be able to flag more than 10 posts in 24 hours" do - @post_flag = PostFlag.new(:post => @post, :reason => "aaa", :is_resolved => false) - @post_flag.expects(:flag_count_for_creator).returns(10) - assert_difference("PostFlag.count", 0) do - @post_flag.save + as(@bob) do + @post_flag = PostFlag.new(post: @post, reason: "aaa", is_resolved: false) + @post_flag.expects(:flag_count_for_creator).returns(10) + + assert_difference(-> { PostFlag.count }, 0) do + @post_flag.save + end end assert_equal(["You can flag 10 posts a day"], @post_flag.errors.full_messages) end should "not be able to flag a deleted post" do - @post.update_attribute(:is_deleted, true) - assert_difference("PostFlag.count", 0) do - @post_flag = PostFlag.create(:post => @post, :reason => "aaa", :is_resolved => false) + as(@alice) do + @post.update(is_deleted: true) + end + + assert_difference(-> { PostFlag.count }, 0) do + as(@bob) do + @post_flag = PostFlag.create(post: @post, reason: "aaa", is_resolved: false) + end end assert_equal(["Post is deleted"], @post_flag.errors.full_messages) end should "not be able to flag a pending post" do - @post.update_columns(is_pending: true) - @flag = @post.flags.create(reason: "test") + as(@alice) do + @post.update(is_pending: true) + end + as(@bob) do + @flag = @post.flags.create(reason: "test") + end assert_equal(["Post is pending and cannot be flagged"], @flag.errors.full_messages) end should "not be able to flag a post in the cooldown period" do - users = FactoryBot.create_list(:user, 2, created_at: 2.weeks.ago) - flag1 = FactoryBot.create(:post_flag, post: @post, creator: users.first) - @post.approve! + @mod = create(:moderator_user) + + travel_to(2.weeks.ago) do + @users = FactoryBot.create_list(:user, 2) + end + + as(@users.first) do + @flag1 = PostFlag.create(post: @post, reason: "something") + end + + as(@mod) do + @post.approve! + end travel_to(PostFlag::COOLDOWN_PERIOD.from_now - 1.minute) do - flag2 = FactoryBot.build(:post_flag, post: @post, creator: users.second) - assert(flag2.invalid?) - assert_match(/cannot be flagged more than once/, flag2.errors[:post].join) + as(@users.second) do + @flag2 = PostFlag.create(post: @post, reason: "something") + end + assert_match(/cannot be flagged more than once/, @flag2.errors[:post].join) end travel_to(PostFlag::COOLDOWN_PERIOD.from_now + 1.minute) do - flag3 = FactoryBot.build(:post_flag, post: @post, creator: users.second) - assert(flag3.valid?) + as(@users.second) do + @flag3 = PostFlag.create(post: @post, reason: "something") + end + assert(@flag3.errors.empty?) end end should "initialize its creator" do - @post_flag = PostFlag.create(:post => @post, :reason => "aaa", :is_resolved => false) + @post_flag = as(@alice) do + PostFlag.create(:post => @post, :reason => "aaa", :is_resolved => false) + end assert_equal(@alice.id, @post_flag.creator_id) - assert_equal(IPAddr.new("127.0.0.2"), @post_flag.creator_ip_addr) + assert_equal(IPAddr.new("127.0.0.1"), @post_flag.creator_ip_addr) end end context "a moderator user" do setup do - Timecop.travel(2.weeks.ago) do - @dave = FactoryBot.create(:moderator_user) + travel_to(2.weeks.ago) do + @dave = create(:moderator_user) end - CurrentUser.user = @dave end should "not be able to view flags on their own uploads" do - @modpost = FactoryBot.create(:post, :tag_string => "mmm",:uploader_id => @dave.id) - CurrentUser.scoped(@alice) do + @modpost = create(:post, :tag_string => "mmm", :uploader => @dave) + as(@alice) do @flag1 = PostFlag.create(:post => @modpost, :reason => "aaa", :is_resolved => false) end + assert_equal(false, @dave.can_view_flagger_on_post?(@flag1)) - flag2 = PostFlag.search(:creator_id => @alice.id) - assert_equal(0, flag2.length) - flag3 = PostFlag.search({}) - assert_nil(JSON.parse(flag3.to_json)[0]["creator_id"]) + + as(@dave) do + flag2 = PostFlag.search(:creator_id => @alice.id) + assert_equal(0, flag2.length) + flag3 = PostFlag.search({}) + assert_nil(JSON.parse(flag3.to_json)[0]["creator_id"]) + end end end end