Update to use new database abuse adapter

Bradley Schofield 2024-08-16 08:18:57 +00:00
parent 5e5c8007e2
commit 9f52fc4e3b
5 changed files with 27 additions and 27 deletions


@ -16,7 +16,7 @@ use Appwrite\Utopia\Database\Validator\Queries\Projects;
use Appwrite\Utopia\Request; use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response; use Appwrite\Utopia\Response;
use PHPMailer\PHPMailer\PHPMailer; use PHPMailer\PHPMailer\PHPMailer;
use Utopia\Abuse\Adapters\TimeLimit; use Utopia\Abuse\Adapters\Database as AbuseDatabase;
use Utopia\App; use Utopia\App;
use Utopia\Audit\Audit; use Utopia\Audit\Audit;
use Utopia\Cache\Cache; use Utopia\Cache\Cache;
@ -209,7 +209,7 @@ App::post('/v1/projects')
$audit = new Audit($dbForProject); $audit = new Audit($dbForProject);
$audit->setup(); $audit->setup();
$abuse = new TimeLimit('', 0, 1, $dbForProject); $abuse = new AbuseDatabase('', 0, 1, $dbForProject);
$abuse->setup(); $abuse->setup();
/** @var array $collections */ /** @var array $collections */


@ -18,7 +18,7 @@ use Appwrite\Messaging\Adapter\Realtime;
use Appwrite\Utopia\Request; use Appwrite\Utopia\Request;
use Appwrite\Utopia\Response; use Appwrite\Utopia\Response;
use Utopia\Abuse\Abuse; use Utopia\Abuse\Abuse;
use Utopia\Abuse\Adapters\TimeLimit; use Utopia\Abuse\Adapters\Database as AbuseDatabase;
use Utopia\App; use Utopia\App;
use Utopia\Cache\Adapter\Filesystem; use Utopia\Cache\Adapter\Filesystem;
use Utopia\Cache\Cache; use Utopia\Cache\Cache;
@ -373,15 +373,15 @@ App::init()
* Abuse Check * Abuse Check
*/ */
$abuseKeyLabel = $route->getLabel('abuse-key', 'url:{url},ip:{ip}'); $abuseKeyLabel = $route->getLabel('abuse-key', 'url:{url},ip:{ip}');
$timeLimitArray = []; $abuseAdapterArray = [];
$abuseKeyLabel = (!is_array($abuseKeyLabel)) ? [$abuseKeyLabel] : $abuseKeyLabel; $abuseKeyLabel = (!is_array($abuseKeyLabel)) ? [$abuseKeyLabel] : $abuseKeyLabel;
foreach ($abuseKeyLabel as $abuseKey) { foreach ($abuseKeyLabel as $abuseKey) {
$start = $request->getContentRangeStart(); $start = $request->getContentRangeStart();
$end = $request->getContentRangeEnd(); $end = $request->getContentRangeEnd();
$timeLimit = new TimeLimit($abuseKey, $route->getLabel('abuse-limit', 0), $route->getLabel('abuse-time', 3600), $dbForProject); $abuseAdapter = new AbuseDatabase($abuseKey, $route->getLabel('abuse-limit', 0), $route->getLabel('abuse-time', 3600), $dbForProject);
$timeLimit $abuseAdapter
->setParam('{projectId}', $project->getId()) ->setParam('{projectId}', $project->getId())
->setParam('{userId}', $user->getId()) ->setParam('{userId}', $user->getId())
->setParam('{userAgent}', $request->getUserAgent('')) ->setParam('{userAgent}', $request->getUserAgent(''))
@ -389,7 +389,7 @@ App::init()
->setParam('{url}', $request->getHostname() . $route->getPath()) ->setParam('{url}', $request->getHostname() . $route->getPath())
->setParam('{method}', $request->getMethod()) ->setParam('{method}', $request->getMethod())
->setParam('{chunkId}', (int) ($start / ($end + 1 - $start))); ->setParam('{chunkId}', (int) ($start / ($end + 1 - $start)));
$timeLimitArray[] = $timeLimit; $abuseAdapterArray[] = $abuseAdapter;
} }
$closestLimit = null; $closestLimit = null;
@ -398,17 +398,17 @@ App::init()
$isPrivilegedUser = Auth::isPrivilegedUser($roles); $isPrivilegedUser = Auth::isPrivilegedUser($roles);
$isAppUser = Auth::isAppUser($roles); $isAppUser = Auth::isAppUser($roles);
foreach ($timeLimitArray as $timeLimit) { foreach ($abuseAdapterArray as $abuseAdapter) {
foreach ($request->getParams() as $key => $value) { // Set request params as potential abuse keys foreach ($request->getParams() as $key => $value) { // Set request params as potential abuse keys
if (!empty($value)) { if (!empty($value)) {
$timeLimit->setParam('{param-' . $key . '}', (\is_array($value)) ? \json_encode($value) : $value); $abuseAdapter->setParam('{param-' . $key . '}', (\is_array($value)) ? \json_encode($value) : $value);
} }
} }
$abuse = new Abuse($timeLimit); $abuse = new Abuse($abuseAdapter);
$remaining = $timeLimit->remaining(); $remaining = $abuseAdapter->remaining();
$limit = $timeLimit->limit(); $limit = $abuseAdapter->limit();
$time = (new \DateTime($timeLimit->time()))->getTimestamp() + $route->getLabel('abuse-time', 3600); $time = (new \DateTime($abuseAdapter->time()))->getTimestamp() + $route->getLabel('abuse-time', 3600);
if ($limit && ($remaining < $closestLimit || is_null($closestLimit))) { if ($limit && ($remaining < $closestLimit || is_null($closestLimit))) {
$closestLimit = $remaining; $closestLimit = $remaining;
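Review bot: In the `@ -389,7` hunk the `{chunkId}` parameter is computed as `(int) ($start / ($end + 1 - $start))` from the request's Content-Range values, and nothing in the visible lines guarantees the divisor is non-zero. If `getContentRangeStart()` and `getContentRangeEnd()` can return a range whose end is one less than its start (their validation is not visible here), PHP 8 raises a DivisionByZeroError inside the abuse check instead of rate-limiting the request. I would compute the size first and guard it: `$chunkSize = $end + 1 - $start;` followed by `->setParam('{chunkId}', $chunkSize > 0 ? (int) ($start / $chunkSize) : 0)`. The enclosing `App::init()` callback starts and ends outside these hunks.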


@ -9,7 +9,7 @@ use Swoole\Http\Request as SwooleRequest;
use Swoole\Http\Response as SwooleResponse; use Swoole\Http\Response as SwooleResponse;
use Swoole\Http\Server; use Swoole\Http\Server;
use Swoole\Process; use Swoole\Process;
use Utopia\Abuse\Adapters\TimeLimit; use Utopia\Abuse\Adapters\Database as AbuseDatabase;
use Utopia\App; use Utopia\App;
use Utopia\Audit\Audit; use Utopia\Audit\Audit;
use Utopia\CLI\Console; use Utopia\CLI\Console;
@ -101,8 +101,8 @@ $http->on(Constant::EVENT_START, function (Server $http) use ($payloadSize, $reg
$audit->setup(); $audit->setup();
} }
if ($dbForConsole->getCollection(TimeLimit::COLLECTION)->isEmpty()) { if ($dbForConsole->getCollection(AbuseDatabase::COLLECTION)->isEmpty()) {
$adapter = new TimeLimit("", 0, 1, $dbForConsole); $adapter = new AbuseDatabase("", 0, 1, $dbForConsole);
$adapter->setup(); $adapter->setup();
} }


@ -13,7 +13,7 @@ use Swoole\Runtime;
use Swoole\Table; use Swoole\Table;
use Swoole\Timer; use Swoole\Timer;
use Utopia\Abuse\Abuse; use Utopia\Abuse\Abuse;
use Utopia\Abuse\Adapters\TimeLimit; use Utopia\Abuse\Adapters\Database as AbuseDatabase;
use Utopia\App; use Utopia\App;
use Utopia\Cache\Adapter\Sharding; use Utopia\Cache\Adapter\Sharding;
use Utopia\Cache\Cache; use Utopia\Cache\Cache;
@ -463,12 +463,12 @@ $server->onOpen(function (int $connection, SwooleRequest $request) use ($server,
* *
* Abuse limits are connecting 128 times per minute and ip address. * Abuse limits are connecting 128 times per minute and ip address.
*/ */
$timeLimit = new TimeLimit('url:{url},ip:{ip}', 128, 60, $dbForProject); $abuseAdapter = new AbuseDatabase('url:{url},ip:{ip}', 128, 60, $dbForProject);
$timeLimit $abuseAdapter
->setParam('{ip}', $request->getIP()) ->setParam('{ip}', $request->getIP())
->setParam('{url}', $request->getURI()); ->setParam('{url}', $request->getURI());
$abuse = new Abuse($timeLimit); $abuse = new Abuse($abuseAdapter);
if (System::getEnv('_APP_OPTIONS_ABUSE', 'enabled') === 'enabled' && $abuse->check()) { if (System::getEnv('_APP_OPTIONS_ABUSE', 'enabled') === 'enabled' && $abuse->check()) {
throw new Exception(Exception::REALTIME_TOO_MANY_MESSAGES, 'Too many requests'); throw new Exception(Exception::REALTIME_TOO_MANY_MESSAGES, 'Too many requests');
@ -563,13 +563,13 @@ $server->onMessage(function (int $connection, string $message) use ($server, $re
* *
* Abuse limits are sending 32 times per minute and connection. * Abuse limits are sending 32 times per minute and connection.
*/ */
$timeLimit = new TimeLimit('url:{url},connection:{connection}', 32, 60, $database); $abuseDatabase = new AbuseDatabase('url:{url},connection:{connection}', 32, 60, $database);
$timeLimit $abuseDatabase
->setParam('{connection}', $connection) ->setParam('{connection}', $connection)
->setParam('{container}', $containerId); ->setParam('{container}', $containerId);
$abuse = new Abuse($timeLimit); $abuse = new Abuse($abuseDatabase);
if ($abuse->check() && System::getEnv('_APP_OPTIONS_ABUSE', 'enabled') === 'enabled') { if ($abuse->check() && System::getEnv('_APP_OPTIONS_ABUSE', 'enabled') === 'enabled') {
throw new Exception(Exception::REALTIME_TOO_MANY_MESSAGES, 'Too many messages.'); throw new Exception(Exception::REALTIME_TOO_MANY_MESSAGES, 'Too many messages.');
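Review bot: In the `onMessage` hunk the condition reads `$abuse->check() && System::getEnv('_APP_OPTIONS_ABUSE', 'enabled') === 'enabled'`, so the adapter is consulted on every message even when abuse protection is switched off, whereas `onOpen` tests the environment flag first. With the database-backed adapter that presumably costs a storage round trip per message for a result that is then discarded; I would match `onOpen`: `if (System::getEnv('_APP_OPTIONS_ABUSE', 'enabled') === 'enabled' && $abuse->check()) {`. The same hunk's key template is `url:{url},connection:{connection}` while only `{connection}` and `{container}` are set in the visible lines, so it is worth confirming whether `{url}` is filled elsewhere or `{container}` was meant to be part of the key. The new local is also named `$abuseDatabase` here but `$abuseAdapter` everywhere else in the commit. Both callbacks continue outside the hunks.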


@ -7,7 +7,7 @@ use Appwrite\Extend\Exception;
use Executor\Executor; use Executor\Executor;
use Throwable; use Throwable;
use Utopia\Abuse\Abuse; use Utopia\Abuse\Abuse;
use Utopia\Abuse\Adapters\TimeLimit; use Utopia\Abuse\Adapters\Database as AbuseDatabase;
use Utopia\Audit\Audit; use Utopia\Audit\Audit;
use Utopia\Cache\Adapter\Filesystem; use Utopia\Cache\Adapter\Filesystem;
use Utopia\Cache\Cache; use Utopia\Cache\Cache;
@ -493,7 +493,7 @@ class Deletes extends Action
$projectCollectionIds = [ $projectCollectionIds = [
...\array_keys(Config::getParam('collections', [])['projects']), ...\array_keys(Config::getParam('collections', [])['projects']),
Audit::COLLECTION, Audit::COLLECTION,
TimeLimit::COLLECTION, AbuseDatabase::COLLECTION,
]; ];
$limit = \count($projectCollectionIds) + 25; $limit = \count($projectCollectionIds) + 25;
@ -686,8 +686,8 @@ class Deletes extends Action
{ {
$projectId = $project->getId(); $projectId = $project->getId();
$dbForProject = $getProjectDB($project); $dbForProject = $getProjectDB($project);
$timeLimit = new TimeLimit("", 0, 1, $dbForProject); $abuseAdapter = new AbuseDatabase("", 0, 1, $dbForProject);
$abuse = new Abuse($timeLimit); $abuse = new Abuse($abuseAdapter);
try { try {
$abuse->cleanup($abuseRetention); $abuse->cleanup($abuseRetention);