mirror of
https://github.com/basecamp/once-campfire.git
synced 2026-05-05 18:31:01 +09:00
30fe6ab121
This adds the ability to ban a user by their IP address. When an admin is viewing a user profile, a new "Ban user" button is present. Clicking on that will: - Create a ban on the IP addresses that were tracked for that user's sessions - Remove all the messages authored by that user - Log the user out immediately In addition, that user will no longer be shown in most user lists in the app. They are still shown to admins, in account settings. Viewing their profile from there will now show a "Remove ban" button which can be used to restore their access (it doesn't restore their messages though -- those are already gone -- it just removes the blocks so they can log in again).
17 lines
319 B
Ruby
17 lines
319 B
Ruby
module BlockBannedRequests
|
|
extend ActiveSupport::Concern
|
|
|
|
included do
|
|
before_action :reject_banned_ip, unless: :safe_request?
|
|
end
|
|
|
|
private
|
|
def reject_banned_ip
|
|
head :too_many_requests if Ban.banned?(request.remote_ip)
|
|
end
|
|
|
|
def safe_request?
|
|
request.get? || request.head?
|
|
end
|
|
end
|