// check if a given user has used his global daily posting quota public static bool UserDailyGlobalPostingQuotaUsed(string userName) { // only execute this check if user account is less than a month old and user SCP is less than 50 and user is not posting to a sub they own/moderate DateTime userRegistrationDateTime = GetUserRegistrationDateTime(userName); int memberInDays = (DateTime.Now - userRegistrationDateTime).Days; int userScp = Karma.LinkKarma(userName); if (memberInDays > 30 && userScp >= 50) { return(false); } // set starting date to 24 hours ago from now var fromDate = DateTime.Now.Add(new TimeSpan(0, -24, 0, 0, 0)); var toDate = DateTime.Now; // read daily global posting quota configuration parameter from web.config int dpqps = Settings.DailyGlobalPostingQuota; using (var db = new voatEntities()) { // check how many submission user made today var userSubmissionsToTargetSub = db.Submissions.Count(m => m.UserName.Equals(userName, StringComparison.OrdinalIgnoreCase) && m.CreationDate >= fromDate && m.CreationDate <= toDate); if (dpqps <= userSubmissionsToTargetSub) { return(true); } return(false); } }
// various spam checks, to be replaced with new rule engine public static async Task <string> PreAddSubmissionCheck(Submission submissionModel, HttpRequestBase request, string userName, Subverse targetSubverse, Func <HttpRequestBase, Task <bool> > captchaValidator) { // TODO: reject if a submission with this title was posted in the last 60 minutes // check posting quotas if user is posting to subs they do not moderate if (!UserHelper.IsUserSubverseModerator(userName, submissionModel.Subverse)) { // reject if user has reached global daily submission quota if (UserHelper.UserDailyGlobalPostingQuotaUsed(userName)) { return("You have reached your daily global submission quota."); } // reject if user has reached global hourly submission quota if (UserHelper.UserHourlyGlobalPostingQuotaUsed(userName)) { return("You have reached your hourly global submission quota."); } // check if user has reached hourly posting quota for target subverse if (UserHelper.UserHourlyPostingQuotaForSubUsed(userName, submissionModel.Subverse)) { return("You have reached your hourly submission quota for this subverse."); } // check if user has reached daily posting quota for target subverse if (UserHelper.UserDailyPostingQuotaForSubUsed(userName, submissionModel.Subverse)) { return("You have reached your daily submission quota for this subverse."); } } // verify recaptcha if user has less than 25 CCP var userCcp = Karma.CommentKarma(userName); if (userCcp < 25) { bool isCaptchaCodeValid = await captchaValidator(request); if (!isCaptchaCodeValid) { // TODO: SET PREVENT SPAM DELAY TO 0 return("Incorrect recaptcha answer."); } } // if user CCP or SCP is less than -10, allow only X submissions per 24 hours var userScp = Karma.LinkKarma(userName); if (userCcp <= -10 || userScp <= -10) { var quotaUsed = UserHelper.UserDailyPostingQuotaForNegativeScoreUsed(userName); if (quotaUsed) { return("You have reached your daily submission quota. Your current quota is " + Settings.DailyPostingQuotaForNegativeScore + " submission(s) per 24 hours."); } } // check if subverse has "authorized_submitters_only" set and dissalow submission if user is not allowed submitter if (targetSubverse.IsAuthorizedOnly) { if (!UserHelper.IsUserSubverseModerator(userName, targetSubverse.Name)) { return("You are not authorized to submit links or start discussions in this subverse. Please contact subverse moderators for authorization."); } } // null is returned if all checks have passed return(null); }