// various spam checks, to be replaced with new rule engine
public static async Task<string> PreAddSubmissionCheck(Message submissionModel, HttpRequestBase request, string userName, Subverse targetSubverse, Func<HttpRequestBase, Task<bool>> captchaValidator)
{
// TODO: reject if a submission with this title was posted in the last 60 minutes
// check posting quotas if user is posting to subs they do not moderate
if (!UserHelper.IsUserSubverseModerator(userName, submissionModel.Subverse))
{
// reject if user has reached global daily submission quota
if (UserHelper.UserDailyGlobalPostingQuotaUsed(userName))
{
return ("You have reached your daily global submission quota.");
}
// reject if user has reached global hourly submission quota
if (UserHelper.UserHourlyGlobalPostingQuotaUsed(userName))
{
return ("You have reached your hourly global submission quota.");
}
// check if user has reached hourly posting quota for target subverse
if (UserHelper.UserHourlyPostingQuotaForSubUsed(userName, submissionModel.Subverse))
{
return ("You have reached your hourly submission quota for this subverse.");
}
// check if user has reached daily posting quota for target subverse
if (UserHelper.UserDailyPostingQuotaForSubUsed(userName, submissionModel.Subverse))
{
return ("You have reached your daily submission quota for this subverse.");
}
}
// verify recaptcha if user has less than 25 CCP
var userCcp = Karma.CommentKarma(userName);
if (userCcp < 25)
{
bool isCaptchaCodeValid = await captchaValidator(request);
if (!isCaptchaCodeValid)
{
// TODO: SET PREVENT SPAM DELAY TO 0
return ("Incorrect recaptcha answer.");
}
}
// if user CCP or SCP is less than -50, allow only X submissions per 24 hours
var userScp = Karma.LinkKarma(userName);
if (userCcp <= -50 || userScp <= -50)
{
var quotaUsed = UserHelper.UserDailyPostingQuotaForNegativeScoreUsed(userName);
if (quotaUsed)
{
return ("You have reached your daily submission quota. Your current quota is " + Settings.DailyPostingQuotaForNegativeScore + " submission(s) per 24 hours.");
}
}
// check if subverse has "authorized_submitters_only" set and dissalow submission if user is not allowed submitter
if (targetSubverse.authorized_submitters_only)
{
if (!UserHelper.IsUserSubverseModerator(userName, targetSubverse.name))
{
return ("You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization.");
}
}
// null is returned if all checks have passed
return null;
}
// add new link submission
public static async Task<string> AddNewSubmission(Message submissionModel, Subverse targetSubverse, string userName)
{
using (var db = new voatEntities())
{
// LINK TYPE SUBMISSION
if (submissionModel.Type == 2)
{
// strip unicode if title contains unicode
if (ContainsUnicode(submissionModel.Linkdescription))
{
submissionModel.Linkdescription = StripUnicode(submissionModel.Linkdescription);
}
// reject if title is whitespace or < than 5 characters
if (submissionModel.Linkdescription.Length < 5 || String.IsNullOrWhiteSpace(submissionModel.Linkdescription))
{
return ("The title may not be less than 5 characters.");
}
// make sure the input URI is valid
if (!UrlUtility.IsUriValid(submissionModel.MessageContent))
{
// ABORT
return ("The URI you are trying to submit is invalid.");
}
// check if target subvere allows submissions from globally banned hostnames
if (!targetSubverse.exclude_sitewide_bans)
{
// check if hostname is banned before accepting submission
var domain = UrlUtility.GetDomainFromUri(submissionModel.MessageContent);
if (BanningUtility.IsHostnameBanned(domain))
{
// ABORT
return ("The hostname you are trying to submit is banned.");
}
}
// check if user has reached daily crossposting quota
if (UserHelper.DailyCrossPostingQuotaUsed(userName, submissionModel.MessageContent))
{
// ABORT
return ("You have reached your daily crossposting quota for this URL.");
}
// check if target subverse has thumbnails setting enabled before generating a thumbnail
if (targetSubverse.enable_thumbnails)
{
// try to generate and assign a thumbnail to submission model
submissionModel.Thumbnail = await ThumbGenerator.ThumbnailFromSubmissionModel(submissionModel);
}
// flag the submission as anonymized if it was submitted to a subverse with active anonymized_mode
if (targetSubverse.anonymized_mode)
{
submissionModel.Anonymized = true;
}
else
{
submissionModel.Name = userName;
}
// accept submission and save it to the database
submissionModel.Subverse = targetSubverse.name;
submissionModel.Likes = 1;
db.Messages.Add(submissionModel);
// update last submission received date for target subverse
targetSubverse.last_submission_received = DateTime.Now;
await db.SaveChangesAsync();
}
else
// MESSAGE TYPE SUBMISSION
{
// strip unicode if submission contains unicode
if (ContainsUnicode(submissionModel.Title))
{
submissionModel.Title = StripUnicode(submissionModel.Title);
}
// reject if title is whitespace or less than 5 characters
if (submissionModel.Title.Length < 5 || String.IsNullOrWhiteSpace(submissionModel.Title))
{
return ("Sorry, submission title may not be less than 5 characters.");
}
// flag the submission as anonymized if it was submitted to a subverse with active anonymized_mode
if (targetSubverse.anonymized_mode)
{
submissionModel.Anonymized = true;
}
else
{
submissionModel.Name = userName;
}
// grab server timestamp and modify submission timestamp to have posting time instead of "started writing submission" time
submissionModel.Subverse = targetSubverse.name;
submissionModel.Date = DateTime.Now;
submissionModel.Likes = 1;
db.Messages.Add(submissionModel);
// update last submission received date for target subverse
targetSubverse.last_submission_received = DateTime.Now;
if (ContentProcessor.Instance.HasStage(ProcessingStage.InboundPreSave))
{
submissionModel.MessageContent = ContentProcessor.Instance.Process(submissionModel.MessageContent, ProcessingStage.InboundPreSave, submissionModel);
}
await db.SaveChangesAsync();
if (ContentProcessor.Instance.HasStage(ProcessingStage.InboundPostSave))
{
ContentProcessor.Instance.Process(submissionModel.MessageContent, ProcessingStage.InboundPostSave, submissionModel);
}
}
}
// null is returned if no errors were raised
return null;
}