From 25510b6616261efff26763debbfc34040bd67176 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Wed, 31 Mar 2021 22:29:31 +0100
Subject: [PATCH] Add additional limits on sending messages

Additional limits apply to new accounts and accounts with
unresolved issues reported against them.

Fixes #3135
---
 app/controllers/messages_controller.rb | 2 +-
 app/models/issue.rb                    | 2 +-
 app/models/user.rb                     | 9 +++++++++
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/app/controllers/messages_controller.rb b/app/controllers/messages_controller.rb
index dea5c3b07..dacd00261 100644
--- a/app/controllers/messages_controller.rb
+++ b/app/controllers/messages_controller.rb
@@ -26,7 +26,7 @@ class MessagesController < ApplicationController
     @message.sender = current_user
     @message.sent_on = Time.now.getutc
 
-    if current_user.sent_messages.where("sent_on >= ?", Time.now.getutc - 1.hour).count >= Settings.max_messages_per_hour
+    if current_user.sent_messages.where("sent_on >= ?", Time.now.getutc - 1.hour).count >= current_user.max_messages_per_hour
       flash.now[:error] = t ".limit_exceeded"
       render :action => "new"
     elsif @message.save
diff --git a/app/models/issue.rb b/app/models/issue.rb
index c0707728e..c94fe56a7 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -46,7 +46,7 @@ class Issue < ApplicationRecord
 
   before_validation :set_reported_user
 
-  scope :with_status, ->(issue_status) { where(:status => statuses[issue_status]) }
+  scope :with_status, ->(issue_status) { where(:status => issue_status) }
   scope :visible_to, ->(user) { where(:assigned_role => user.roles.map(&:role)) }
 
   def read_reports
diff --git a/app/models/user.rb b/app/models/user.rb
index 42fa40e53..26a9f33e1 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -296,6 +296,15 @@ class User < ApplicationRecord
     digest.hexdigest
   end
 
+  def max_messages_per_hour
+    account_age_in_seconds = Time.now.utc - creation_time
+    account_age_in_hours = account_age_in_seconds / 3600
+    recent_messages = messages.where("sent_on >= ?", Time.now.utc - 3600).count
+    active_reports = issues.with_status(:open).sum(:reports_count)
+    max_messages = account_age_in_hours.ceil + recent_messages - active_reports * 10
+    max_messages.clamp(0, Settings.max_messages_per_hour)
+  end
+
   private
 
   def set_defaults
-- 
2.45.1